SUSE Container Update Advisory: suse/git ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:2972-1 Container Tags : suse/git:2.43 , suse/git:2.43-17.8 , suse/git:latest Container Release : 17.8 Severity : important Type : security References : 1224168 1224170 1224171 1224172 1224173 1226642 CVE-2024-32002 CVE-2024-32004 CVE-2024-32020 CVE-2024-32021 CVE-2024-32465 CVE-2024-6387 ----------------------------------------------------------------- The container suse/git was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2275-1 Released: Tue Jul 2 16:33:30 2024 Summary: Security update for openssh Type: security Severity: important References: 1226642,CVE-2024-6387 This update for openssh fixes the following issues: - CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2277-1 Released: Tue Jul 2 17:03:49 2024 Summary: Security update for git Type: security Severity: important References: 1224168,1224170,1224171,1224172,1224173,CVE-2024-32002,CVE-2024-32004,CVE-2024-32020,CVE-2024-32021,CVE-2024-32465 This update for git fixes the following issues: - CVE-2024-32002: Fix recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion. (bsc#1224168) - CVE-2024-32004: Fixed arbitrary code execution during local clones. (bsc#1224170) - CVE-2024-32020: Fix file overwriting vulnerability during local clones. (bsc#1224171) - CVE-2024-32021: Git may create hardlinks to arbitrary user-readable files. (bsc#1224172) - CVE-2024-32465: Fixed arbitrary code execution during clone operations. (bsc#1224173) The following package changes have been done: - git-core-2.43.0-150600.3.3.1 updated - openssh-clients-9.6p1-150600.6.3.1 updated - openssh-common-9.6p1-150600.6.3.1 updated